Vulnerabilities (CVE)

Filtered by vendor Documentcloud Subscribe
Filtered by product Karteek-docsplit
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1933 2 Documentcloud, Ruby-lang 2 Karteek-docsplit, Ruby 2024-02-28 9.3 HIGH N/A
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a PDF filename.